Pages

Cloud governance

RGPV: Cloud Computing: Unit 3

CLOUD GOVERNANCE

Cloud governance is a
general term for applying specific policies or principles to the use of cloud
computing services. The goal of cloud governance is to secure applications and
data when they are located remotely.

In other terms we can say
that cloud governance refers to the decision making processes, criteria and
policies involved in the planning, architecture, acquisition, deployment,
operation and management of a cloud computing capability.

There are five reasons of
cloud governance:

Ø
Enable “business at cloud speed” and establish a cloud centric IT operating
model based on the speed, agility and cost of cloud computing.

Effective governance tools are necessary to avoid careless or unauthorized use
of cloud based IT resources, which includes the practice known as “shadow IT”.
Ungoverned IT usage can result in very real and dangerous consequences such as
customer and corporate data being exposed, services going down, regulations
being violated, backup plans being overlooked, and a myriad of other IT
safeguards being ignored.

A lack of
control over who can provision a workload to the cloud, where it can be
deployed, for how long, and at what cost or capacity, will not be tolerated by
those responsible for managing IT resource consumption in a large enterprise.
Cloud governance encompasses not just these risk management concerns, but also
significantly impacts overall cloud adoption and the full realization of cloud
agility and cost savings benefits. Increasingly, IT organizations are
recognizing cloud governance as a top concern for their company’s successful
adoption of cloud computing.

The
governance is applied in cloud for:

Ø
Setting company policies in cloud computing.

Ø
Risk based decision which cloud provider, if any, to engage.

Ø
Assigning responsibilities for enforcing and monitoring of the policy
compliance.

Ø
Set corrective action for non-compliance.

Many organizations have
their own cloud governance model; the Microsoft’s Cloud Governance Model is one
of them.

Microsoft’s Cloud Governance
Model

Microsoft (2010) also
proposes a cloud governance model for its azure cloud platform. The main focus
of the governance model from Microsoft is about policy management. The model is
composed of three main parts, including design time, run time governance and
change management governance.

Figure: Microsoft’s Cloud Governance Model (Microsoft, 2010)

During design time, it is
imperative to define service policies, quality of standards and SLA levels.
During runtime, policies are enforced and the application/service performance
and compliance are carefully monitored.

Change management governance is set to track the change activities and asset. It
is required to provide and manage report, alert, and log at the same time. The
three components work together to ensure correct versioning, scale and ensure
security compliance.